A symmetric key cryptosystem (Fig.10.6) uses the same secret key for encryption and decryption. The sender and the receiverfirst need to agree a shared key prior to communication. This needs to be done over a secure channel to ensure that the shared key remains secret. Once this has been done they can begin to encrypt and decrypt messages using the secret key. Anyone who is able to encrypt a message has sufficient information to decrypt the message.

The encryption of a message is in effect a transformation from the space of messages to the space of cryptosystemsℂ. That is, the encryption of a message with keykis an invertible transformation fsuch that:

The cipher text is given by C = E_k(M) where M2 and C2ℂ. The legitimate receiver of the message knows the secret keyk(as it will have transmitted previ- ously over a secure channel), and so the cipher text C can be decrypted by the inverse transformationf⁻¹defined by:

Therefore, we have that D_k(C) = D_k(E_k(M)) = M the original plaintext message.

There are advantages and disadvantages to symmetric key systems (Table10.2), and these include

Message M

Encryption C = E_k(M)

Decryption M= D_k(C)

Message M

Secret Key (k) Public Channel (Insecure)

Hostile Attack (Enemy)

Secure Channel

Fig. 10.6 Symmetric key cryptosystem

10.4 Symmetric Key Systems 161

Examples of Symmetric Key Systems (i) Caesar Cipher

The Caesar cipher may be defined using modular arithmetic. It involves a shift of three places for each letter in the plaintext, and the alphabetic letters are represented by the numbers 0–25. The encryption is carried out by addition (modula 26). The encryption of a plaintext letterxto a cipher letter cis given by²:

c¼xþ3ðmod26Þ

Similarly, the decryption of a cipher lettercis given by:

x¼c3ðmod26Þ

(ii) Generalized Caesar Cipher

This is a generalization of the Caesar cipher to a shift of k (the Caesar cipher involves a shift of three). This is given by

fk¼Ekð Þ x xþkðmod26Þ 0k25 f_k¹¼ Dkð Þ c ckðmod26Þ 0k25 Table 10.2 Advantages and disadvantages of symmetric key systems

Advantages Disadvantages

Encryption process is simple (as the same key is used for encryption and decryption)

A shared key must be agreed between two parties

It is faster than public key systems Key exchange is difficult as there needs to be a secure channel between the two parties (to ensure that the key remains secret) It uses less computer resources than public

key systems

If a user hasntrading partners thennsecret keys must be maintained (one for each partner) It uses a different key for communication

with every different party

There are problems with the management and security of all of these keys (due to volume of keys that need to be maintained)

Authenticity of origin or receipt cannot be proved (as key is shared)

2Herexandcare variables rather than the alphabetic characters‘x’and‘c’.

(iii) Affine Transformation

This is a more general transformation and is defined by

f_ða;bÞ¼E_ða;bÞð Þ x axþbðmod26Þ 0a;b;x25 andgcdða;26Þ ¼1 f_{ð Þ}¹_a;b ¼D_ða;bÞð Þ c a¹ðcbÞðmod26Þ a¹is the inverse ofa mod 26

(iv) Block Ciphers

Stream ciphers encrypt a single letter at a time and are easy to break. Block ciphers offer greater security, and the plaintext is split into groups of letters, and the encryption is performed on the block of letters rather than on a single letter.

The message is split into blocks ofn-letters: M₁, M₂,…, M_k, where each M_i(1 i k) is a blockn-letters. The letters in the message are translated into their numerical equivalents, and the cipher text formed as follows:

CiAMiþBðmodNÞ i¼1;2;. . .k

a11 a12 a13 . . . a1n

a21 a22 a23 . . . a2n

a31 a32 a33 . . . a3n

. . . . . . . .

an1 an2 an3 . . . ann

0 BB BB BB

@

1 CC CC CC A

m1

m2

m3

. . . . . . mn

0 BB BB BB

@ 1 CC CC CC A

þ b1

b2

b3

. . . . . . bn

0 BB BB BB

@ 1 CC CC CC A

¼ c1

c2

c3

. . . . . . cn

0 BB BB BB

@ 1 CC CC CC A

;

where (A, B) is the key, A is an invertiblennmatrix with gcd(det(A), N) = 1,³ Mi= (m1,m2,…,mn)^T, B = (b1,b2,…,bn)^T, Ci= (c1,c2,…,cn)^T. The decryption is performed by

MiA¹ðCiBÞðmodNÞ i¼1;2;. . .;k

m1

m2

m3

. . . . . . mn

0 BB BB BB

@ 1 CC CC CC A

¼

a11 a12 a13 . . . a1n

a21 a22 a23 . . . a2n

a31 a32 a33 . . . a3n

. . . . . . . .

an1 an2 an3 . . . ann

0 BB BB BB

@

1 CC CC CC A

1 c1b1

c2b2

c3b3

. . . . . . cnbn

0 BB BB BB

@

1 CC CC CC A

3This requirement is to ensure that the matrix A is invertible.

10.4 Symmetric Key Systems 163

(v) Exponential Ciphers

Pohlig and Hellman [1] invented the exponential cipher in 1976. This cipher is less vulnerable to frequency analysis than block ciphers.

Let p be a prime number and let M be the numerical representation of the plaintext, with each letter of the plaintext replaced with its two-digit representation (00–25). That is, A = 00, B = 01,…, Z = 25.

M is divided into blocks M_i(these are equal size blocks ofmletters where the block size is approximately the same number of digits asp). The number of letters mper block is chosen such that

2525. . .25

|fflfflfflfflfflffl{zfflfflfflfflfflffl}

mtimes

\p\2525. . .25|fflfflfflfflfflffl{zfflfflfflfflfflffl}

mþ1times

For example, for the prime 8191 a block size ofm= 2 letters (4 digits) is chosen since:

2525\8191\252525

The secret encryption key is chosen to be an integerksuch that 0 <k<p and gcd(k,p −1) = 1. Then the encryption of the block M_iis defined by

C_i¼E_kðM_iÞ M^k_iðmodpÞ The cipher textC_iis an integer such that 0 C_i<p.

The decryption ofC_iinvolvesfirst determining the inversek⁻¹of the keyk(mod p− 1), i.e., we determinek⁻¹such thatkk⁻¹1 (modp− 1). The secret keykwas chosen so that (k,p− 1) = 1, and this means that there are integersd andn such thatkd= 1 +n(p− 1), and sok⁻¹isd andkk⁻¹= 1 +n(p− 1). Therefore,

D_k¹ðCiÞ C^k_i¹ ðM^k_iÞ^k1M¹_i^{þn p1ð Þ}MiðmodpÞ

The fact that M_i^1+n(p−1)M_i (mod p) follows from Euler’s Theorem and Fermat’s Little Theorem (Theorems3.7and3.8), which were discussed in Chap. 3.

Euler’s Theorem states that for two positive integersaandnwith gcd(a,n) = 1 that a^/(n) 1 (modn).

Clearly, for a primepwe have that/(p) =p− 1. This allows us to deduce that M¹_i^þnðp1ÞM¹_iM^nðp1Þ_i M_i M^ðp1Þ_i

_n

M_ið Þ1 ⁿM_iðmodpÞ

(vi) Data Encryption Standard (DES)

DES is a popular cryptographic system [2] used by governments and private companies around the world. It is based on a symmetric key algorithm and uses a shared secret key that is known only to the sender and receiver. It was designed by IBM and approved by the National Bureau of Standards (NBS⁴) in 1976. It is a block cipher and a message is split into 64-bit message blocks. The algorithm is employed in reverse to decrypt each cipher text block.

Today, DES is considered to be insecure for many applications as its key size (56 bits) is viewed as being too small, and the cipher has been broken in less than 24 h. This has led to it being withdrawn as a standard and replaced by the Advanced Encryption Standard (AES), which uses a larger key of 128 bits or 256 bits.

The DES algorithm uses the same secret 56-bit key for encryption and decryption. The key consists of 56 bits taken from a 64-bit key that includes 8 parity bits. The parity bits are at position 8, 16,…, 64, and so every eighth bit of the 64-bit key is discarded leaving behind only the 56-bit key.

The algorithm is then applied to each 64-bit message block and the plaintext message block is converted into a 64-bit cipher text block. An initial permutation is first applied to M to create M′, and M′is divided into a 32-bit left half L₀and a 32-bit right half R₀. There are then 16 iterations, with the iterations having a left half and a right half:

L_i¼ R_i1

Ri¼ Li1fðRi1;KiÞ

The functionfis a function that takes a 32-bit right half and a 48-bit round key K_i (each K_i contains a different subset of the 56-bit key) and produces a 32-bit output. Finally, the pre-cipher text (R₁₆, L₁₆) is permuted to yield thefinal cipher text C. The functionfoperates on half a message block and involves Table 10.3.

The decryption of the cipher text is similar to the encryption and it involves running the algorithm in reverse.

DES has been implemented on a microchip. However, it has been superseded in recent years by AES due to security concerns with its small 56-bit key size.

The AES uses a key size of 128 bits or 256 bits.